1 Reply

So I wrote this question in order to document this specific functionality.

Coveo for Sitecore leverages the Expanded Permission Provider, a Security Provider using a PUSH mechanism.

When pushing to that provider, Coveo for Sitecore will add the Sitecore identity but will also expend the mapping to other sources of identities, such as the email which is often used on Sitecore users. To add this mapping, it uses the getusermapping processor in the REST Endpoint Pipeline.